Compliance Specialist, IT​/Tech

The Compliance Specialist plays a crucial role in ensuring that MRI's business practices align with relevant regulations, industry best practices, and common security standards. By conducting thorough audits and evaluations of various business functions, the Compliance Specialist helps maintain MRI's commitment to cybersecurity, risk management, data privacy, and continuous improvement. While the primary focus is on technical aspects of security, the role also encompasses non-technical business practices to provide a holistic approach to compliance.

We understand the need to provide a flexible working environment partnered with team collaboration and socialisation. Therefore, we operate a hybrid working model with 3 days of working from home per week. This role is based in the Cape Town office.

• Collaborate with business stakeholders to conduct comprehensive audits related to IT general controls, application controls, information security, and business functions
• Address client and internal inquiries regarding compliance, privacy, and security matters, providing expert guidance and solutions
• Maintain and enhance MRI's risk register by creating, updating, and assessing entries to ensure accurate documentation of potential risks and mitigation strategies
• Ensure timely completion of corrective actions by diligently following up with internal and external parties
• Manage the lifecycle of policies and security documentation, including drafting, updating, archiving, and circulating to relevant stakeholders
• Prepare detailed minutes, collect and analyze data, and maintain action lists to support meetings, audits, and incident response efforts
• Align MRI's overall security strategy with internal teams, industry best practices, and global legislation, including but not limited to SOC 1, SOC 2, ISO 27001, NIST, and other standards
• Develop and oversee mitigation plans related to information security risks, audits, and policy findings, collaborating with relevant teams to ensure effective implementation
• Conduct vendor security risk assessments and provide risk-based recommendations to help evaluate and improve the company's risk posture
• Contribute to the development and delivery of engaging and informative enterprise-wide security awareness initiatives to foster a culture of security
• Forge strong, collaborative partnerships with security, infrastructure, legal, audit, and IT teams to ensure a cohesive approach to compliance and risk management
• Stay abreast of emerging trends, threats, and best practices in cybersecurity and compliance, proactively identifying opportunities for improvement and implementing necessary changes

• Professional experience and familiarity with specifically ISO 27001, while ISO 9001, SOC 1, SOC 2, and other auditing standards are also plusses
• Professional experience and familiarity with one or more: NIST, CIS, SANS, ISO, CES, FedRAMP, and other cybersecurity frameworks
• Working knowledge of major international, national, and state level security and privacy regulations, practices, and standards
• Solid technical background with an applied understanding of common types of security risks and mitigation strategies
• Experience with vendor risk management and performing security risk reviews
• Ability to work effectively with geographically distributed teams across different time zones
• Excellent communication and interpersonal skills, with the ability to translate complex technical concepts to non-technical stakeholders
• Strong analytical and problem-solving skills, with a keen attention to detail and the ability to think critically
• Proactive and self-motivated, with the ability to work independently and manage multiple priorities in a fast-paced environment
• Relevant certifications such as CISA or CRISC are highly desirable

• We want our staff to love working here, and so we’ve created a few unique perks such as office breakfasts, quarterly lunches and virtual social events. Additionally, we value your input in your employee experience and have employee-led groups such as our DEI committee, employee resource groups such as Women and Allies, and our Pride Event Group
• Have confidence in your health with our offered Medical Aid Scheme
• Invest in our competitive Personal Pension plan and help set you up for your future
• Big on family? So are we! Here at MRI Software we recognise that your family is important, and being able to spend quality time with your family as it grows is a wonderful experience. Therefore, the MRI Software Parental Leave benefit is designed to give you the opportunity to spend time with your new arrival(s)
• Enjoy a fantastic work-life balance with 25 days of annual leave plus Public Holidays, in addition to a bank of 16 hours of "Flex Time Off" to be used whenever and however you choose!
• Further your professional development with our Tuition Reimbursement Schemes
• Enjoy the flexibility of working from anywhere in the world for two weeks out of the year!

From the day we opened our…